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-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )IEl Responsive to communication(s) filed on 03 October 2001 . 
2a)D This action is FINAL. 2b)[X] This action is non-final. 

3) \~\ Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213, 

Disposition of Claims 

4) [X] Claim(s) 1-17 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) S Claim(s) 7-77 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) d The specification is objected to by the Examiner. 

10)[X] The drawing(s) filed on 12 April 2001 is/are: a)Q accepted or b)[X] objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 
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1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. This action is in response to the communication filed on 10/03/2001 . Claims 1 - 
17 were received for consideration. No preliminary amendments to the claims were 
filed. Claims 1 - 17 are currently being considered. 

Drawings 

2. The drawings are objected to as failing to comply with 37 CFR 1 .84(p)(5) 
because they do not include the following reference sign(s) mentioned in the 
description: "message 318" is not labeled in fig. 5. 

Corrected drawing sheets in compliance with 37 CFR 1 .121(d) are required in 
reply to the Office action to avoid abandonment of the application. Any amended 
replacement drawing sheet should include all of the figures appearing on the immediate 
prior version of the sheet, even if only one figure is being amended. The replacement 
sheet(s) should be labeled "Replacement Sheet" in the page header (as per 37 CFR 
1 .84(c)) so as not to obstruct any portion of the drawing figures. If the changes are not 
accepted by the examiner, the applicant will be notified and informed of any required 
corrective action in the next Office action. The objection to the drawings will not be held 
in abeyance. 
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Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent 

3. Claims 1-17 are rejected under 35 U.S.C. 102(b) as being anticipated by Spies et 
al. (Patent Number 5,689,565). 

Regarding Claim 1, Pierce teaches and describes a method for use in protecting 
information in forwarded authentication messages (Fig. 10, 11, 15, 17, 18, 23 and 
Column 8 line 61 -Column 12 line 63), the method comprising: 

encoding data using an encryption key (Column 8 line 61 - Column 9 line 2 and 
Column 17 line 13 - Column 18 line 45); 

encoding the encryption key using at least one other encryption key (Column 9 
line 59 -Column 10 line 9 and Column 17 line 13 -Column 18 line 45); and 

encapsulating the resulting encoded data and the encoded encryption key in a 
forwarded authentication message (Column 12 lines 60 - 66; Column 15 line 63 - 
Column 16 line 3 and Column 17 line 13 - Column 18 line 45). 

Regarding Claim 6, Pierce teaches and describes a computer-readable medium 
for use in protecting information in forwarded authentication messages (Fig. 10, 11, 15, 
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17, 18, 23 and Column 8 line 61 -Column 12 line 63), the computer-readable medium 
having computer-executable instructions for performing acts comprising: 

using an encryption key to encode data (Column 8 line 61 - Column 9 line 2 and 
Column 17 line 13 - Column 18 line 45); 

using at least one other encryption key to encode the encryption key (Column 0 
line 59 - Column 10 line 9 and Column 17 line 13 - Column 18 line 45); 

including the resulting encoded data in at least one authentication message; and 
including the encoded encryption key in at least one authentication message (Column 
12 lines 60-66; Column 15 line 63 -Column 16 line 3 and Column 17 line 13 - 
Column 18 line 45). 

Regarding Claim 12, Pierce teaches and describes an apparatus for use in 
protecting information in forwarded authentication messages (Fig. 10, 11, 15, 17, 18, 23 
and Column 8 line 61 -Column 12 line 63), the apparatus comprising logic configured to 
encode data using an encryption key (Column 8 line 61 - Column 9 line 2 and Column 
17 line 13 -Column 18 line 45), 

encode the encryption key using at least one other encryption key (Column 9 line 
59 - Column 1 0 line 3 and Column 1 7 line 1 3 - Column 1 8 line 45), and 

encapsulate the resulting encoded data and the encoded encryption key in an 
authentication message (Column 12 lines 60 - 66; Column 15 line 63 - Column 16 line 
3 and Column 17 line 13 -Column 18 line 45). 
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Regarding Claim 17, Pierce teaches and describes a computer-readable medium 
having stored thereon an authentication message (Fig. 10, 11, 15, 17, 18, 23 and 
Column 8 line 61 -Column 12 line 63), comprising; 

encoded data (Column 8 line 61 - Column 9 line 2 and Column 17 line 13 - 
Column 18 line 45); and 

at least one encoded encryption key operatively associated with at least a portion 
of the encoded data (Column 9 line 59 - Column 1 9 line 9 and Column 17 line 13 — 
Column 18 line 45). 

Claim 2 is rejected as applied above in rejecting claim 1. Furthermore, Pierce 
teaches and describes, a method for use in protecting information in forwarded 
authentication messages, further comprising encoding the encryption key a plurality of 
times using a plurality of other encryption keys, and further encapsulating the resulting 
encoded encryption keys in the authentication message (Column 13 lines 37 - 65 and 
Column 17 line 13 - Column 18 line 45). 

Claim 3 is rejected as applied above in rejecting claim 1. Furthermore, Pierce 
teaches and describes, a method for use in protecting information in forwarded 
authentication messages, wherein the authentication message includes a Kerberos 
ticket (Column 14 lines 63 - 67). 
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Claim 5 is rejected as applied above in rejecting claim 1. Furthermore, Pierce 
teaches and describes, a method for use in protecting information in forwarded 
authentication messages, further comprising: 

providing the authentication message to a service (Column 3 lines 7 - 33; and 
Column 16 line 65 - Column 18 line 45); 

providing the at least one other encryption key to the service (Column 17 lines 39 
- Column 18 line 45); 

causing the service to decode the encoded encryption key using the at least one 
other encryption key; and causing the service to decode the encoded data using the 
resulting decoded encryption key (Column 17 lines 13-58 and Column 18 lines 27 - 
37). 

Claim 7 is rejected as applied above in rejecting claim 6. Furthermore, Pierce 
teaches and describes, a computer-readable medium for use in protecting information in 
forwarded authentication messages, the computer-readable medium having computer- 
executable instructions wherein including the resulting encoded data in at least one 
authentication message and including the encoded encryption key in at least one 
authentication message, cause the resulting encoded data and the encoded encryption 
key to be included in the same authentication message (Column 8 line 61 - Column 10 
line 9; Column 12 lines 60-66 and Column 15 line 63 - Column 16 line 3). 
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Claim 8 is rejected as applied above in rejecting claim 6. Furthermore, Pierce 
teaches and describes, a computer-readable medium for use in protecting information in 
forwarded authentication messages, the computer-readable medium having computer- 
executable instructions further comprising 

computer-executable instructions for encoding the encryption key a plurality of 
times using a plurality of other encryption keys, and further encapsulating the resulting 
encoded encryption keys in at least one authentication message (Column 13 lines 37 - 
65). 

Claim 9 is rejected as applied above in rejecting claim 6. Furthermore, Pierce 
teaches and describes, a computer-readable medium for use in protecting information in 
forwarded authentication messages, the computer-readable medium having computer- 
executable instructions, wherein the authentication message includes a Kerberos ticket 
(Column 14 lines 63-67). 

Claim 11 is rejected as applied above in rejecting claim 6. Furthermore, Pierce 
teaches and describes, a computer-readable medium for use in protecting information in 
forwarded authentication messages, the computer-readable medium having computer- 
executable instructions further providing the authentication message to a service; 

providing the at least one other encryption key to the service (Column 17 lines 39 

- 67); 
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causing the service to decode the encoded encryption key using the at least one 
other encryption key; and causing the service to decode the encoded data using the 
resulting decoded encryption key (Column 17 lines 13-58 and Column 18 lines 27 - 
37). 

Claim 13 is rejected as applied above in rejecting claim 12. Furthermore, Pierce 
teaches and describes, an apparatus for use in protecting information in forwarded 
authentication messages, wherein the logic is further configured to encode the 
encryption key a plurality of times using a plurality of other encryption keys, and further 
encapsulate the resulting encoded encryption keys in the authentication message 
(Column 13 lines 37-65). 

Claim 14 is rejected as applied above in rejecting claim 12. Furthermore, Pierce 
teaches and describes, an apparatus for use in protecting information in forwarded 
authentication messages, wherein the authentication message includes a Kerberos 
ticket (Column 14 lines 63 - 67). 

Claim 16 is rejected as applied above in rejecting claim 12. Furthermore, Pierce 
teaches and describes, an apparatus for use in protecting information in forwarded 
authentication messages, further comprising a least one service operatively coupled to 
receive the authentication message from the logic (Column 3 lines 7-33 and Column 
16 line 65 - Column 17 line 27), and 
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configured to decode the encoded encryption key using the at least one other 
encryption key and decode the encoded data using the resulting decoded encryption 
key (Column 17 lines 13-58 and Column 18 lines 27 - 37). 

Claim 4 is rejected as applied above in rejecting claim 3. Furthermore, Pierce 
teaches and describes, a method for use in protecting information in forwarded 
authentication messages, wherein the data includes authorization data within the 
Kerberos ticket (Column 1 4 lines 63 - 67 and Column 1 5 lines 1 1 - 35). 

Claim 10 is rejected as applied above in rejecting claim 9. Furthermore, Pierce 
teaches and describes, a computer-readable medium for use in protecting information in 
forwarded authentication messages, the computer-readable medium having computer- 
executable instructions, wherein the data includes authorization data within the 
Kerberos ticket (Column 14 lines 63 - 67 and Column 1 5 lines 1 1 - 35). 

Claim 15 is rejected as applied above in rejecting claim 14. Furthermore, Pierce 
teaches and describes, an apparatus for use in protecting information in forwarded 
authentication messages, wherein the data includes authorization data within the 
Kerberos ticket (Column 1 4 lines 63 - 67 and Column 1 5 lines 1 1 - 35). 
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Conclusion 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks, Washington, D.C. 20231 or 
faxed to: (703) 872-9306 for all formal communications. 
Hand-delivered responses should be brought to Crystal Park II, 2121 Crystal 
Drive, Arlington, VA, Fourth Floor (Receptionist). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Pramila Parthasarathy whose telephone number is 703- 
305-8912. The examiner can normally be reached on 8:00a.m. To 5:00p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 703-305-9648. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 



Pramila Parthasarathy 
Patent Examiner 
703-305-8912 

August 10, 2004 
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